提交 6add9f7f 编写于 作者: P Peter Oberparleiter 提交者: Linus Torvalds

[PATCH] s390: kernel stack corruption

When an asynchronous interruption occurs during the execution of the
'critical section' within the generic interruption handling code (entry.S),
a faulty check for a userspace PSW may result in a corrupted kernel stack
pointer which subsequently triggers a stack overflow check.
Signed-off-by: NPeter Oberparleiter <peter.oberparleiter@de.ibm.com>
Signed-off-by: NMartin Schwidefsky <schwidefsky@de.ibm.com>
Signed-off-by: NAndrew Morton <akpm@osdl.org>
Signed-off-by: NLinus Torvalds <torvalds@osdl.org>
上级 26ff6ad9
......@@ -108,7 +108,7 @@ STACK_SIZE = 1 << STACK_SHIFT
bl BASED(0f)
l %r14,BASED(.Lcleanup_critical)
basr %r14,%r14
tm 0(%r12),0x01 # retest problem state after cleanup
tm 1(%r12),0x01 # retest problem state after cleanup
bnz BASED(1f)
0: l %r14,__LC_ASYNC_STACK # are we already on the async stack ?
slr %r14,%r15
......
......@@ -101,7 +101,7 @@ _TIF_WORK_INT = (_TIF_SIGPENDING | _TIF_NEED_RESCHED | _TIF_MCCK_PENDING)
clc \psworg+8(8),BASED(.Lcritical_start)
jl 0f
brasl %r14,cleanup_critical
tm 0(%r12),0x01 # retest problem state after cleanup
tm 1(%r12),0x01 # retest problem state after cleanup
jnz 1f
0: lg %r14,__LC_ASYNC_STACK # are we already on the async. stack ?
slgr %r14,%r15
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册